Have a question about this requirement?

Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
Requirement

Users can be assigned to groups with similar access rules for ease of administration

Functional Area

Administration

Industries
All
DETAILS

Description

User grouping functionality in Corporate Performance Management (CPM) software allows businesses to assign individual users to groups according to similar access rules. This functionality promotes simplified administration and enhanced security by enabling tight control over user access to reports, metrics, and data sets.

Example Use Case

Scenario: A business uses CPM software to monitor business performance across various departments. They need a way to efficiently manage the software access for hundreds of employees with differing roles and security requirements.

Solution: The user grouping feature in the CPM software enables the administrator to create groups like 'Finance Team', 'Operations Team', and 'Executive Team'. Each group is assigned access rules suitable for their role. For instance, the 'Finance Team' can access detailed financial reports, 'Operations Team' can see operational data, and 'Executive Team' views high-level performance reports. This simplifies user management and strengthens data security.

Considerations

This basic requirement is necessary when managing a large amount of users in the system, usually 20 or more. Most CPM tools on the market have some sort of group security mechanism, coming in a few flavors:

  • Create group policies and apply several people to that group. One size fits all for the people in that group.
  • Same as above with ability to make exceptions to certain rules for certain people
  • Same as above with the added ability to further segment users by dimensions like Department
  • No group security, everything handled at the individual user level

If you plan to launch a finance-only deployment in phase 1, but may entertain a broader, collaborative deployment in phase 2, make sure to consider these security mechanisms now.

Questions to Ask a Vendor

  • Security Groups: How easy is it to create and manage user groups in your system? Is it all or nothing, or can we make exceptions for certain users?
  • Integration Capabilities: Does your system support integration with existing directory services for user grouping, like SAML-compatible SSO tools, Active Directory, and so on?